I think it's getting better, but I wouldn't call them Internet Naming Authorities. Should we just call them higher-level entities? Also, while the biggest help that PSD DMARC would make is for non-existent organizational domains, it can also help with other domains that haven't expressed a DMARC policy, so the abstract shouldn't only discuss unregistered domains.
How about this:

--

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a scalable mechanism by which a mail-originating organization can express policy preferences for validation and disposition of messages which purport to come from owned domains, as well as requesting feedback reporting about those message validation and disposition actions. These features allow the Domain Owner to detect and inhibit domain name abuse.

DMARC is designed for use by individual Domain Owners or organizational Domain Owners for their domains and sub-domains. Consequently, DMARC preferences by higher-level entities that have Organizational Domains below them in the DNS hierarchy cannot be specified for sub-domains in their purview. Those higher-level entities have an interest in detecting and inhibiting domain name abuse for domain names within their section of the DNS tree, and message recipients have an interest in preventing deception by entities using those domain names as well. Since its deployment in 2015, use of DMARC has shown a clear need for the ability to express policy preferences for these domains.

Domains at which higher-level entities accept registrations by multiple organizations or other separate entities are referred to as Public Suffix Domains (PSDs). This document describes an extension to DMARC to enable DMARC functionality for PSDs. It also addresses implementations that consider a domain on a Public Suffix List to be ineligible for DMARC enforcement. This document also describes an extension to DMARC to specify separate, often stricter, policy preferences for non-existent sub-domains.

--

Thanks,
-Eric

___________________________________
Eric Chudow
DoD Cybersecurity Mitigations
410-854-5735, [email protected]

From: Douglas Foster <[email protected]>
Sent: Saturday, February 20, 2021 9:01 AM
To: Dave Crocker <[email protected]>
Cc: Murray S. Kucherawy <[email protected]>; IETF DMARC WG <[email protected]>
Subject: Re: [dmarc-ietf] Fwd: I-D Action: draft-ietf-dmarc-psd-10.txt

This wording attempts to address the objections by giving "registration" a specific context. I also rewrote some of it for readability.

- -

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a scalable mechanism by which a mail-originating organization can policies and preferences for validation and disposition of messages which purport to come from owned domains, as well as requesting feedback reporting about those message validation and disposition actions. These features allow the domain owner to detect and inhibit domain name abuse.

DMARC is designed for use by domain owners. Consequently it has no applicability for domains that have no owner because the domain has never been registered with an Internet Naming Authority. Those authorities have an interest in detecting and inhibiting abuse of the name registration process, and message recipients have an interest in preventing deception by entities using unregistered organization domain names.

Domains at which Internet Naming Authorities perform registration are referred to as Public Suffix Domains (PSDs). This document describes an extension to DMARC to enable DMARC functionality for PSDs. This document also seeks to address implementations that consider a domain on a public Suffix list to be ineligible for DMARC enforcement.

_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
